﻿<%@ WebHandler Language="C#" Class="Login" %>

using System;
using System.Collections.Generic;
using System.Data;
using System.Web;
using System.Web.SessionState;

public class Login : IHttpHandler,IRequiresSessionState {
    
    public void ProcessRequest (HttpContext context) {
        context.Response.ContentType = "text/plain";
        string UserID = context.Request.Params["username"];
        string Pass = context.Request.Params["password"];
        string EnterpriseName="";
        string UserPower = "";
        //context.Request.
        int code = 0;
        code = loginAsync(UserID, Pass);
            if (code == 200)
            {
                //UserID = UserID.Replace(";", "");
                EnterpriseName = mssql.GetString("select top 1 EnterpriseName from [Web_User](nolock) where UserID='" + UserID + "'");
                UserPower = mssql.GetString("select top 1 UserPower from [Web_User](nolock) where UserID='" + UserID + "'");
                context.Session["UserID"] = UserID;
                context.Session["Pass"] = Pass;
                context.Session["EnterpriseName"] = EnterpriseName;
                context.Session["UserPower"] = UserPower;
            }
            context.Response.Write("{\"code\":\"" + code + "\",\"msg\":\"" + result[code] + "\",\"forward\":\"/Default.aspx\"}");
    }

    MsSqlHelper mssql = new MsSqlHelper();
    Common Init = new Common();

    public int loginAsync(string user,string pass)
    {
        if (!(string.IsNullOrEmpty(mssql.GetString("select top 1 UserPass from [Web_User](nolock) where UserState='false' and UserID='" + user + "'")))) return 102;
        string repass = mssql.GetString("select top 1 UserPass from [Web_User](nolock) where UserID='" + user + "'");        
        if (string.IsNullOrEmpty(repass))
        {            
            return 100;
        }
        else
        {
            if (Init.Decrypt(repass) == pass)
            {
                return 200;
            }
            else
            {
                return 101;
            }            
        }
    }

    private Dictionary<int, string> result = new Dictionary<int, string>()
        { 
            { 100, "账号不存在" },
            { 200, "登录成功" },
            { 101, "密码错误" },
            {102,"账号被禁用"}
        };
 
    public bool IsReusable {
        get {
            return false;
        }
    }

}